Antivirus vendors are wary of FBI's Magic Lantern

Antivirus vendors are concerned that FBI software reportedly designed for covert keystroke monitoring could fall into the wrong hands.

'I think the biggest risk is exploitation by hackers,' said Sandra England, executive vice president for business development and strategic research at Network Associates Inc. of Santa Clara, Calif., which sells McAfee antivirus software.

The FBI will not comment on the keystroke-monitoring software, dubbed Magic Lantern, but reports say that it could be distributed like recent Internet worms to replace law enforcement surveillance tools that must be physically installed on a suspect's home or office computer under court order. Distributing Trojan back-door software over a network could eliminate the court oversight.

Antivirus software is designed to detect and block such a covert program, which vendors are hesitant to accommodate. Once released, they say, it could be exploited for mischief.

'We have no way of knowing if it was written by the FBI, and even if we did, we wouldn't know whether it was being used by the FBI or if it had been commandeered by a third party,' said Graham Cluley, senior technology consultant for Sophos Anti-Virus Inc. of Wakefield, Mass. Sophos released a statement saying it would not leave holes in its software for Magic Lantern.

England said Network Associates cooperates with law enforcement, but 'our first job is to protect our customers and make sure they are secure.'

John W. Thompson, president and chief executive officer of Symantec Corp. of Cupertino, Calif., said, 'Our first job is to protect the interests of the shareholders.'

About the Author

William Jackson is freelance writer and the author of the CyberEye blog.